US11693940B2 - Partitioned platform security mechanism - Google Patents

Partitioned platform security mechanism Download PDF

Info

Publication number
US11693940B2
US11693940B2 US17/355,378 US202117355378A US11693940B2 US 11693940 B2 US11693940 B2 US 11693940B2 US 202117355378 A US202117355378 A US 202117355378A US 11693940 B2 US11693940 B2 US 11693940B2
Authority
US
United States
Prior art keywords
rot
sub
leaf
sockets
root
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US17/355,378
Other versions
US20210319088A1 (en
Inventor
Bharat Pillilli
David W. Palmer
Nikola Radovanovic
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Intel Corp
Original Assignee
Intel Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corp filed Critical Intel Corp
Priority to US17/355,378 priority Critical patent/US11693940B2/en
Publication of US20210319088A1 publication Critical patent/US20210319088A1/en
Priority to TW111108416A priority patent/TW202301166A/en
Priority to PCT/US2022/019779 priority patent/WO2022271220A1/en
Assigned to INTEL CORPORATION reassignment INTEL CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: PALMER, DAVID W., PILLILLI, BHARAT, RADOVANOVIC, NIKOLA
Priority to US18/296,679 priority patent/US20230244772A1/en
Application granted granted Critical
Publication of US11693940B2 publication Critical patent/US11693940B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user

Definitions

  • a system on chip is an integrated circuit that integrates all components of a computer or other electronic system. These components include a central processing unit (CPU), memory, input/output (IO) ports and secondary storage, which are all included on a single substrate or microchip.
  • CPU central processing unit
  • IO input/output
  • secondary storage which are all included on a single substrate or microchip.
  • FIG. 1 illustrates one embodiment of a computing device.
  • FIG. 2 illustrates one embodiment of a platform.
  • FIG. 3 illustrates one embodiment of a CPU socket.
  • FIGS. 4 A and 4 B illustrate another embodiment of a CPU socket.
  • FIG. 5 illustrates one embodiment of a certificate authority.
  • FIG. 6 is a flow diagram illustrating one embodiment of a process for establishing a partitioned root of trust.
  • FIG. 7 illustrates one embodiment of a schematic diagram of an illustrative electronic computing device.
  • a mechanism is provided to facilitate identification verification of independent virtual clusters operating on a single physical CPU.
  • references to “one embodiment”, “an embodiment”, “example embodiment”, “various embodiments”, etc. indicate that the embodiment(s) so described may include particular features, structures, or characteristics, but not every embodiment necessarily includes the particular features, structures, or characteristics. Further, some embodiments may have some, all, or none of the features described for other embodiments.
  • Coupled is used to indicate that two or more elements cooperate or interact with each other, but they may or may not have intervening physical or electrical components between them.
  • FIG. 1 illustrates one embodiment of a computing device 100 .
  • computing device 100 comprises a computer platform hosting an integrated circuit (“IC”), such as a system on a chip (“SoC” or “SOC”), integrating various hardware and/or software components of computing device 100 on a single chip.
  • IC integrated circuit
  • SoC system on a chip
  • SOC system on a chip
  • computing device 100 may include any number and type of hardware and/or software components, such as (without limitation) graphics processing unit 114 (“GPU” or simply “graphics processor”), graphics driver 116 (also referred to as “GPU driver”, “graphics driver logic”, “driver logic”, user-mode driver (UMD), UMD, user-mode driver framework (UMDF), UMDF, or simply “driver”), central processing unit 112 (“CPU” or simply “application processor”), memory 108 , network devices, drivers, or the like, as well as input/output (I/O) sources 104 , such as touchscreens, touch panels, touch pads, virtual or regular keyboards, virtual or regular mice, ports, connectors, etc.
  • Computing device 100 may include operating system (OS) 106 serving as an interface between hardware and/or physical resources of computing device 100 and a user.
  • OS operating system
  • computing device 100 may vary from implementation to implementation depending upon numerous factors, such as price constraints, performance requirements, technological improvements, or other circumstances.
  • Embodiments may be implemented as any or a combination of: one or more microchips or integrated circuits interconnected using a parentboard, hardwired logic, software stored by a memory device and executed by a microprocessor, firmware, an application specific integrated circuit (ASIC), and/or a field programmable gate array (FPGA).
  • the terms “logic”, “module”, “component”, “engine”, and “mechanism” may include, by way of example, software or hardware and/or a combination thereof, such as firmware.
  • Embodiments may be implemented using one or more memory chips, controllers, CPUs (Central Processing Unit), microchips or integrated circuits interconnected using a motherboard, an application specific integrated circuit (ASIC), and/or a field programmable gate array (FPGA).
  • the term “logic” may include, by way of example, software or hardware and/or combinations of software and hardware.
  • FIG. 2 illustrates one embodiment of a platform 200 including a SOC 210 similar to computing device 100 discussed above.
  • SOC 210 includes other computing device components (e.g., memory 108 and CPU 112 ) coupled via a system fabric 205 .
  • system fabric 205 comprises an integrated on-chip system fabric (IOSF) to provide a standardized on-die interconnect protocol for coupling interconnect protocol (IP) agents 230 (e.g., IP agents 230 A and 230 B) within SOC 210 .
  • IP interconnect protocol
  • the interconnect protocol provides a standardized interface to enable third parties to design logic such as IP agents to be incorporated in SOC 210 .
  • IP agents 230 may include general purpose processors (e.g., in-order or out-of-order cores), fixed function units, graphics processors, I/O controllers, display controllers, etc.
  • each IP agent 230 includes a hardware interface 235 (e.g., 235 A and 235 B) to provide standardization to enable the IP agent 230 to communicate with SOC 210 components.
  • interface 235 provides a standardization to enable the VPU to access memory 108 via fabric 205 .
  • SOC 210 is coupled to a non-volatile memory 250 .
  • Non-volatile memory 250 may be implemented as a Peripheral Component Interconnect Express (PCIe) storage drive, such as a solid-state drive (SSD) or Non-Volatile Memory Express (NVMe) drives.
  • PCIe Peripheral Component Interconnect Express
  • SSD solid-state drive
  • NVMe Non-Volatile Memory Express
  • non-volatile memory 250 is implemented to store the platform 200 firmware 255 .
  • SOC 210 is coupled to non-volatile memory 250 via a serial peripheral interface (SPI) 201 .
  • SOC 210 includes SPI controller 260 coupled between SPI 201 and system fabric 205 .
  • SPI controller 260 is a flash controller implemented to control access to non-volatile memory 250 via SPI 201 .
  • SOC 210 also includes a security engine 240 that performs various security operations (e.g., security processing, cryptographic functions, etc.) for SOC 210 .
  • security engine 240 comprises an IP agent 230 that is implemented to perform the security operations.
  • security engine 240 operates as a root of trust (or platform ROT) to assure the integrity of hardware and software operating on platform 200 .
  • FIG. 3 illustrates one embodiment of a CPU socket 350 .
  • CPU socket 350 includes having CPU cores (or tiles) 352 , in which tiles 352 A and 352 B are assigned to a cluster 0 and tiles 352 C and 352 D are assigned to a cluster 1 .
  • each cluster operates as an independent CPU socket that may execute independent OSs.
  • a single CPU 350 may be partitioned such that a single physical CPU and its resources may be partitioned into “independent” sub-sockets based on workload distribution requirements.
  • a socket must provide its identity and measurements to a platform ROT (e.g., a platform security engine).
  • a platform ROT e.g., a platform security engine
  • the platform ROT typically requires a device identity to be independently established for each cluster in instances in which a physical socket is partitioned into multiple sub-sockets. The problem is that there is only a single identity associated with the physical CPU.
  • CPU 350 and its chain of trust is provisioned (e.g., by the manufacturer) with a single physical device identity that is used as a “Root” active component root of trust (or AC-ROT Root) by a platform ROT (e.g., security engine 240 ) to authenticate CPU 350 in order to maintain platform integrity.
  • a platform ROT e.g., security engine 240
  • an AC-ROT associated with each sub-socket communicates with the platform ROT when a physical CPU has been dynamically partitioned into multiple sub-sockets.
  • an AC-ROT associated with a sub-socket comprises a “Leaf” AC-ROT (or AC-ROT Leaf) that uses AC-ROT Root as an on-die certificate authority (OD-CA).
  • OD-CA on-die certificate authority
  • a certificate chain derived for each AC-ROT associated with a sub-socket provides a unique identity for each AC-ROT Leaf since the Root is manufacturer certified.
  • a certificate authority is an entity that issues digital certificates that certify the ownership of a public key by a named subject of the certificate, which allows others (e.g., relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key.
  • FIGS. 4 A and 4 B illustrate another embodiment of a CPU 350 .
  • FIG. 4 A illustrates CPU socket 350 prior to dynamic partitioning
  • FIG. 4 B illustrates CPU socket 350 after being partitioned into multiple sub-sockets.
  • each sub-socket is configured as a cluster of resources.
  • a first sub-socket is configured as cluster 0 each that includes I/O 340 A and compute/accelerator resources 410 A
  • a second sub-socket is configured as cluster 1 each that includes I/O 340 B and compute/accelerator resources 410 B.
  • compute/accelerator resources 410 may represent tiles 352 shown in FIG. 3 .
  • CPU 350 also includes control unit 450 that is implemented to direct the operation of CPU 350 .
  • control unit 450 is implemented is configured to perform the dynamic partitioning of CPU socket 350 into multiple sub-sockets.
  • control unit 450 assigns a unique identity to each of the multiple sub-sockets.
  • control unit 450 assigns AC-ROT Root to one of the partitioned sub-sockets and generates an AC-ROT Leaf for each of the remaining sub-sockets.
  • dynamic partitioning is defined as an automatic combination and division of sub-sockets based on CPU workloads in which multiple sub-partitions may be combined while another sub-socket partition is fully active executing a workload. Although shown as a two sub-socket implementation, other embodiments may implement different quantities of sub-sockets.
  • FIG. 4 B shows cluster 0 as implementing an AC-ROT Leaf 0
  • cluster 1 comprises an AC-ROT Leaf 1
  • a Root is defined as an AC-ROT registered by a manufacturer as an authentic via a certification process, while a Leaf as the AC-ROT that does not have a directly allocated identity.
  • control unit 450 uses the AC-ROT Root to generate an AC-ROT Leaf for each of the sub-sockets.
  • AC-ROT Leaf receives a device identifier (or Device ID) public key signed by the AC-ROT Root.
  • AC-ROT Root operates as a certificate of authority.
  • the resulting certificate chain thereby carries the identity of the manufacturer embedded in the Root AC-ROT.
  • the platform ROT may independently verify the identify and measurements provided by multiple AC-ROTs as if each were separate physical sockets.
  • FIG. 5 illustrates one embodiment of a certificate authority view of an AC-ROT Root.
  • AC-ROT Root operates as an on-die certificate authority to generate a certificate chain associated with an AC-ROT Leaf.
  • the certificate chain associated with an AC-ROT Leaf includes the Leaf identity (e.g., LEAF 1 ), an indication that the identified leaf has been cryptographically signed by the AC-ROT Root (e.g., LEAF 0 signed by “Root”) and the on-device device signature authority associated with the CPU manufacturer (e.g., IDENTITY).
  • FIG. 6 is a flow diagram illustrating one embodiment of a process for establishing a root of trust for sub-sockets of a partitioned CPU socket.
  • partitioning of the CPU socket is detected.
  • the CPU socket may be dynamically partitioned into multiple sub-sockets based on CPU workloads.
  • each sub-socket operates as its own virtual cluster of resources that is used to execute separate workloads.
  • an AC-ROT Leaf is generated for each of the multiple sub-sockets for security verification.
  • an AC-ROT Leaf is generated from a certificate chain using AC-ROT Root as a certificate authority.
  • each AC-ROT Leaf communicates with the platform ROT (e.g., security engine 240 ) for identity verification.
  • the platform ROT independently verifies the identify and measurements provided by the AC-ROT Leafs as if each were separate physical sockets.
  • FIG. 7 is a schematic diagram of an illustrative electronic computing device to enable enhanced protection against adversarial attacks according to some embodiments.
  • the computing device 700 includes one or more processors 710 including one or more processors cores 718 and a TEE 764 , the TEE including a machine learning service enclave (MLSE) 780 .
  • the computing device 700 includes a hardware accelerator 768 , the hardware accelerator including a cryptographic engine 782 and a machine learning model 784 .
  • the computing device is to provide enhanced protections against ML adversarial attacks, as provided in FIGS. 1 - 6 .
  • the computing device 700 may additionally include one or more of the following: cache 762 , a graphical processing unit (GPU) 712 (which may be the hardware accelerator in some implementations), a wireless input/output (I/O) interface 720 , a wired I/O interface 730 , memory circuitry 740 , power management circuitry 750 , non-transitory storage device 760 , and a network interface 770 for connection to a network 772 .
  • GPU graphical processing unit
  • I/O wireless input/output
  • wired I/O interface 730 a wired I/O interface 730
  • memory circuitry 740 e.g., a memory circuitry 740 , power management circuitry 750 , non-transitory storage device 760 , and a network interface 770 for connection to a network 772 .
  • the following discussion provides a brief, general description of the components forming the illustrative computing device 700 .
  • Example, non-limiting computing devices 700 may include a desktop computing
  • the processor cores 718 are capable of executing machine-readable instruction sets 714 , reading data and/or instruction sets 714 from one or more storage devices 760 and writing data to the one or more storage devices 760 .
  • processor-based device configurations including portable electronic or handheld electronic devices, for instance smartphones, portable computers, wearable computers, consumer electronics, personal computers (“PCs”), network PCs, minicomputers, server blades, mainframe computers, and the like.
  • the processor cores 718 may include any number of hardwired or configurable circuits, some or all of which may include programmable and/or configurable combinations of electronic components, semiconductor devices, and/or logic elements that are disposed partially or wholly in a PC, server, or other computing system capable of executing processor-readable instructions.
  • the computing device 700 includes a bus or similar communications link 716 that communicably couples and facilitates the exchange of information and/or data between various system components including the processor cores 718 , the cache 762 , the graphics processor circuitry 712 , one or more wireless I/O interfaces 720 , one or more wired I/O interfaces 730 , one or more storage devices 760 , and/or one or more network interfaces 770 .
  • the computing device 700 may be referred to in the singular herein, but this is not intended to limit the embodiments to a single computing device 700 , since in certain embodiments, there may be more than one computing device 700 that incorporates, includes, or contains any number of communicably coupled, collocated, or remote networked circuits or devices.
  • the processor cores 718 may include any number, type, or combination of currently available or future developed devices capable of executing machine-readable instruction sets.
  • the processor cores 718 may include (or be coupled to) but are not limited to any current or future developed single- or multi-core processor or microprocessor, such as: on or more systems on a chip (SOCs); central processing units (CPUs); digital signal processors (DSPs); graphics processing units (GPUs); application-specific integrated circuits (ASICs), programmable logic units, field programmable gate arrays (FPGAs), and the like.
  • SOCs systems on a chip
  • CPUs central processing units
  • DSPs digital signal processors
  • GPUs graphics processing units
  • ASICs application-specific integrated circuits
  • FPGAs field programmable gate arrays
  • the bus 716 that interconnects at least some of the components of the computing device 700 may employ any currently available or future developed serial or parallel bus structures or architectures.
  • the system memory 740 may include read-only memory (“ROM”) 742 and random-access memory (“RAM”) 746 .
  • ROM read-only memory
  • RAM random-access memory
  • a portion of the ROM 742 may be used to store or otherwise retain a basic input/output system (“BIOS”) 744 .
  • BIOS 744 provides basic functionality to the computing device 700 , for example by causing the processor cores 718 to load and/or execute one or more machine-readable instruction sets 714 .
  • At least some of the one or more machine-readable instruction sets 714 cause at least a portion of the processor cores 718 to provide, create, produce, transition, and/or function as a dedicated, specific, and particular machine, for example a word processing machine, a digital image acquisition machine, a media playing machine, a gaming system, a communications device, a smartphone, or similar.
  • the computing device 700 may include at least one wireless input/output (I/O) interface 720 .
  • the at least one wireless I/O interface 720 may be communicably coupled to one or more physical output devices 722 (tactile devices, video displays, audio output devices, hardcopy output devices, etc.).
  • the at least one wireless I/O interface 720 may communicably couple to one or more physical input devices 724 (pointing devices, touchscreens, keyboards, tactile devices, etc.).
  • the at least one wireless I/O interface 720 may include any currently available or future developed wireless I/O interface.
  • Example wireless I/O interfaces include, but are not limited to: BLUETOOTH®, near field communication (NFC), and similar.
  • the computing device 700 may include one or more wired input/output (I/O) interfaces 730 .
  • the at least one wired I/O interface 730 may be communicably coupled to one or more physical output devices 722 (tactile devices, video displays, audio output devices, hardcopy output devices, etc.).
  • the at least one wired I/O interface 730 may be communicably coupled to one or more physical input devices 724 (pointing devices, touchscreens, keyboards, tactile devices, etc.).
  • the wired I/O interface 730 may include any currently available or future developed I/O interface.
  • Example wired I/O interfaces include but are not limited to: universal serial bus (USB), IEEE 1394 (“FireWire”), and similar.
  • the computing device 700 may include one or more communicably coupled, non-transitory, data storage devices 760 .
  • the data storage devices 760 may include one or more hard disk drives (HDDs) and/or one or more solid-state storage devices (SSDs).
  • the one or more data storage devices 760 may include any current or future developed storage appliances, network storage devices, and/or systems. Non-limiting examples of such data storage devices 760 may include, but are not limited to, any current or future developed non-transitory storage appliances or devices, such as one or more magnetic storage devices, one or more optical storage devices, one or more electro-resistive storage devices, one or more molecular storage devices, one or more quantum storage devices, or various combinations thereof.
  • the one or more data storage devices 760 may include one or more removable storage devices, such as one or more flash drives, flash memories, flash storage units, or similar appliances or devices capable of communicable coupling to and decoupling from the computing device 700 .
  • the one or more data storage devices 760 may include interfaces or controllers (not shown) communicatively coupling the respective storage device or system to the bus 716 .
  • the one or more data storage devices 760 may store, retain, or otherwise contain machine-readable instruction sets, data structures, program modules, data stores, databases, logical structures, and/or other data useful to the processor cores 718 and/or graphics processor circuitry 712 and/or one or more applications executed on or by the processor cores 718 and/or graphics processor circuitry 712 .
  • one or more data storage devices 760 may be communicably coupled to the processor cores 718 , for example via the bus 716 or via one or more wired communications interfaces 730 (e.g., Universal Serial Bus or USB); one or more wireless communications interfaces 720 (e.g., Bluetooth®, Near Field Communication or NFC); and/or one or more network interfaces 770 (IEEE 802.3 or Ethernet, IEEE 802.11, or Wi-Fi®, etc.).
  • wired communications interfaces 730 e.g., Universal Serial Bus or USB
  • wireless communications interfaces 720 e.g., Bluetooth®, Near Field Communication or NFC
  • network interfaces 770 IEEE 802.3 or Ethernet, IEEE 802.11, or Wi-Fi®, etc.
  • Processor-readable instruction sets 714 and other programs, applications, logic sets, and/or modules may be stored in whole or in part in the system memory 740 . Such instruction sets 714 may be transferred, in whole or in part, from the one or more data storage devices 760 . The instruction sets 714 may be loaded, stored, or otherwise retained in system memory 740 , in whole or in part, during execution by the processor cores 718 and/or graphics processor circuitry 712 .
  • the computing device 700 may include power management circuitry 750 that controls one or more operational aspects of the energy storage device 752 .
  • the energy storage device 752 may include one or more primary (i.e., non-rechargeable) or secondary (i.e., rechargeable) batteries or similar energy storage devices.
  • the energy storage device 752 may include one or more supercapacitors or ultracapacitors.
  • the power management circuitry 750 may alter, adjust, or control the flow of energy from an external power source 754 to the energy storage device 752 and/or to the computing device 700 .
  • the power source 754 may include, but is not limited to, a solar power system, a commercial electric grid, a portable generator, an external energy storage device, or any combination thereof.
  • the processor cores 718 , the graphics processor circuitry 712 , the wireless I/O interface 720 , the wired I/O interface 730 , the storage device 760 , and the network interface 770 are illustrated as communicatively coupled to each other via the bus 716 , thereby providing connectivity between the above-described components.
  • the above-described components may be communicatively coupled in a different manner than illustrated in FIG. 7 .
  • one or more of the above-described components may be directly coupled to other components, or may be coupled to each other, via one or more intermediary components (not shown).
  • one or more of the above-described components may be integrated into the processor cores 718 and/or the graphics processor circuitry 712 .
  • all or a portion of the bus 716 may be omitted and the components are coupled directly to each other using suitable wired or wireless connections.
  • Embodiments may be provided, for example, as a computer program product which may include one or more transitory or non-transitory machine-readable storage media having stored thereon machine-executable instructions that, when executed by one or more machines such as a computer, network of computers, or other electronic devices, may result in the one or more machines carrying out operations in accordance with embodiments described herein.
  • a machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs (Compact Disc-Read Only Memories), and magneto-optical disks, ROMs, RAMs, EPROMs (Erasable Programmable Read Only Memories), EEPROMs (Electrically Erasable Programmable Read Only Memories), magnetic or optical cards, flash memory, or other type of media/machine-readable medium suitable for storing machine-executable instructions.
  • Example 1 includes a computer platform comprising a central processing unit (CPU) including at least one socket having a plurality of tiles and control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.
  • CPU central processing unit
  • Example 2 includes the subject matter of Example 1, wherein assigning the unique identity to each of the plurality of sub-sockets comprises generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets and generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
  • AC-ROT active component root of trust
  • Example 3 includes the subject matter of Examples 1 and 2, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
  • Example 4 includes the subject matter of Examples 1-3, wherein the AC-ROT Root comprises the CPU AC-ROT.
  • Example 5 includes the subject matter of Examples 1-4, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
  • Example 6 includes the subject matter of Examples 1-5, wherein the certificate chain comprises a leaf identity, an indication that the identified leaf has been cryptographically signed by the AC-ROT Root and an on-device device signature authority associated with a manufacturer of the CPU.
  • Example 7 includes the subject matter of Examples 1-6, wherein the AC-ROT Leaf receives a device identifier public key signed by the AC-ROT Root.
  • Example 8 includes the subject matter of Examples 1-7, wherein the platform further comprises a security engine to operate is a root of trust for the platform.
  • Example 9 includes the subject matter of Examples 1-8, wherein the security engine verifies the identity of the first sub-socket via the first AC-ROT Leaf and verifies the identity of the second sub-socket via the second AC-ROT Leaf.
  • Example 10 includes a method comprising detecting a partitioning of a central processing unit (CPU) socket having a plurality of tiles into plurality of plurality of sub-sockets and assigning a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.
  • CPU central processing unit
  • Example 11 includes the subject matter of Example 10, wherein assigning the unique identity to each of the plurality of sub-sockets comprises generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets and generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
  • AC-ROT active component root of trust
  • Example 12 includes the subject matter of Examples 10 and 11, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
  • Example 13 includes the subject matter of Examples 10-12, wherein the AC-ROT Root comprises a CPU AC-ROT associated with the CPU.
  • Example 14 includes the subject matter of Examples 10-13, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
  • Example 15 includes the subject matter of Examples 10-14, further comprising verifying the identity of the first sub-socket via the first AC-ROT Leaf at a platform root of trust and verifying the identity of the second sub-socket via the second AC-ROT Leaf at the platform root of trust.
  • Example 16 includes a system on chip (SOC) comprising a central processing unit (CPU) including at least one socket having a plurality of tiles and control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources and a security engine to verify the identity of the plurality of sub-sockets.
  • SOC system on chip
  • CPU central processing unit
  • control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification
  • each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources and a security engine to verify the identity of the plurality of sub-sockets.
  • Example 17 includes the subject matter of Example 16, wherein assigning the unique identity to each of the plurality of sub-sockets comprises generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets and generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
  • AC-ROT active component root of trust
  • Example 18 includes the subject matter of Examples 16 and 17, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
  • Example 19 includes the subject matter of Examples 16-18, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
  • Example 20 includes the subject matter of Examples 16-19, wherein the security engine verifies the identity of the first sub-socket via the first AC-ROT Leaf and verifies the identity of the second sub-socket via the second AC-ROT Leaf.

Abstract

A computer platform is disclosed. The computer platform comprises a central processing unit (CPU) including at least one socket having a plurality of tiles and control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.

Description

BACKGROUND OF THE DESCRIPTION
A system on chip (SOC) is an integrated circuit that integrates all components of a computer or other electronic system. These components include a central processing unit (CPU), memory, input/output (IO) ports and secondary storage, which are all included on a single substrate or microchip.
BRIEF DESCRIPTION OF THE DRAWINGS
So that the manner in which the above recited features of the present embodiment can be understood in detail, a more particular description of the embodiment, briefly summarized above, may be had by reference to embodiments, some of which are illustrated in the appended drawings. It is to be noted, however, that the appended drawings illustrate only typical embodiments of this embodiment and are therefore not to be considered limiting of its scope, for the embodiment may admit to other equally effective embodiments.
FIG. 1 illustrates one embodiment of a computing device.
FIG. 2 illustrates one embodiment of a platform.
FIG. 3 illustrates one embodiment of a CPU socket.
FIGS. 4A and 4B illustrate another embodiment of a CPU socket.
FIG. 5 illustrates one embodiment of a certificate authority.
FIG. 6 is a flow diagram illustrating one embodiment of a process for establishing a partitioned root of trust.
FIG. 7 illustrates one embodiment of a schematic diagram of an illustrative electronic computing device.
 DETAILED DESCRIPTION
In the following description, numerous specific details are set forth to provide a more thorough understanding of the present embodiment. However, it will be apparent to one of skill in the art that the present embodiment may be practiced without one or more of these specific details. In other instances, well-known features have not been described in order to avoid obscuring the present embodiment.
In embodiments, a mechanism is provided to facilitate identification verification of independent virtual clusters operating on a single physical CPU.
References to “one embodiment”, “an embodiment”, “example embodiment”, “various embodiments”, etc., indicate that the embodiment(s) so described may include particular features, structures, or characteristics, but not every embodiment necessarily includes the particular features, structures, or characteristics. Further, some embodiments may have some, all, or none of the features described for other embodiments.
In the following description and claims, the term “coupled” along with its derivatives, may be used. “Coupled” is used to indicate that two or more elements cooperate or interact with each other, but they may or may not have intervening physical or electrical components between them.
As used in the claims, unless otherwise specified, the use of the ordinal adjectives “first”, “second”, “third”, etc., to describe a common element, merely indicate that different instances of like elements are being referred to and are not intended to imply that the elements so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
FIG. 1 illustrates one embodiment of a computing device 100. According to one embodiment, computing device 100 comprises a computer platform hosting an integrated circuit (“IC”), such as a system on a chip (“SoC” or “SOC”), integrating various hardware and/or software components of computing device 100 on a single chip. As illustrated, in one embodiment, computing device 100 may include any number and type of hardware and/or software components, such as (without limitation) graphics processing unit 114 (“GPU” or simply “graphics processor”), graphics driver 116 (also referred to as “GPU driver”, “graphics driver logic”, “driver logic”, user-mode driver (UMD), UMD, user-mode driver framework (UMDF), UMDF, or simply “driver”), central processing unit 112 (“CPU” or simply “application processor”), memory 108, network devices, drivers, or the like, as well as input/output (I/O) sources 104, such as touchscreens, touch panels, touch pads, virtual or regular keyboards, virtual or regular mice, ports, connectors, etc. Computing device 100 may include operating system (OS) 106 serving as an interface between hardware and/or physical resources of computing device 100 and a user.
It is to be appreciated that a lesser or more equipped system than the example described above may be preferred for certain implementations. Therefore, the configuration of computing device 100 may vary from implementation to implementation depending upon numerous factors, such as price constraints, performance requirements, technological improvements, or other circumstances.
Embodiments may be implemented as any or a combination of: one or more microchips or integrated circuits interconnected using a parentboard, hardwired logic, software stored by a memory device and executed by a microprocessor, firmware, an application specific integrated circuit (ASIC), and/or a field programmable gate array (FPGA). The terms “logic”, “module”, “component”, “engine”, and “mechanism” may include, by way of example, software or hardware and/or a combination thereof, such as firmware.
Embodiments may be implemented using one or more memory chips, controllers, CPUs (Central Processing Unit), microchips or integrated circuits interconnected using a motherboard, an application specific integrated circuit (ASIC), and/or a field programmable gate array (FPGA). The term “logic” may include, by way of example, software or hardware and/or combinations of software and hardware.
FIG. 2 illustrates one embodiment of a platform 200 including a SOC 210 similar to computing device 100 discussed above. As shown in FIG. 2 , SOC 210 includes other computing device components (e.g., memory 108 and CPU 112) coupled via a system fabric 205. In one embodiment, system fabric 205 comprises an integrated on-chip system fabric (IOSF) to provide a standardized on-die interconnect protocol for coupling interconnect protocol (IP) agents 230 (e.g., IP agents 230A and 230B) within SOC 210. In such an embodiment, the interconnect protocol provides a standardized interface to enable third parties to design logic such as IP agents to be incorporated in SOC 210.
According to embodiment, IP agents 230 may include general purpose processors (e.g., in-order or out-of-order cores), fixed function units, graphics processors, I/O controllers, display controllers, etc. In such an embodiment, each IP agent 230 includes a hardware interface 235 (e.g., 235A and 235B) to provide standardization to enable the IP agent 230 to communicate with SOC 210 components. For example, in an embodiment in which IP agent 230 is a third-party visual processing unit (VPU), interface 235 provides a standardization to enable the VPU to access memory 108 via fabric 205.
Further, SOC 210 is coupled to a non-volatile memory 250. Non-volatile memory 250 may be implemented as a Peripheral Component Interconnect Express (PCIe) storage drive, such as a solid-state drive (SSD) or Non-Volatile Memory Express (NVMe) drives. In one embodiment, non-volatile memory 250 is implemented to store the platform 200 firmware 255. In one embodiment, SOC 210 is coupled to non-volatile memory 250 via a serial peripheral interface (SPI) 201. In such an embodiment, SOC 210 includes SPI controller 260 coupled between SPI 201 and system fabric 205. In a further embodiment, SPI controller 260 is a flash controller implemented to control access to non-volatile memory 250 via SPI 201.
SOC 210 also includes a security engine 240 that performs various security operations (e.g., security processing, cryptographic functions, etc.) for SOC 210. In one embodiment, security engine 240 comprises an IP agent 230 that is implemented to perform the security operations. In one embodiment, security engine 240 operates as a root of trust (or platform ROT) to assure the integrity of hardware and software operating on platform 200.
FIG. 3 illustrates one embodiment of a CPU socket 350. As shown in FIG. 3 , CPU socket 350 includes having CPU cores (or tiles) 352, in which tiles 352A and 352B are assigned to a cluster 0 and tiles 352C and 352D are assigned to a cluster 1. In one embodiment, each cluster operates as an independent CPU socket that may execute independent OSs. In such an embodiment, a single CPU 350 may be partitioned such that a single physical CPU and its resources may be partitioned into “independent” sub-sockets based on workload distribution requirements.
Typically, the integrity of a physical socket must be established prior to operation. Thus, a socket must provide its identity and measurements to a platform ROT (e.g., a platform security engine). However, the platform ROT typically requires a device identity to be independently established for each cluster in instances in which a physical socket is partitioned into multiple sub-sockets. The problem is that there is only a single identity associated with the physical CPU.
According to one embodiment, CPU 350 and its chain of trust is provisioned (e.g., by the manufacturer) with a single physical device identity that is used as a “Root” active component root of trust (or AC-ROT Root) by a platform ROT (e.g., security engine 240) to authenticate CPU 350 in order to maintain platform integrity. In a further embodiment, an AC-ROT associated with each sub-socket communicates with the platform ROT when a physical CPU has been dynamically partitioned into multiple sub-sockets.
In such an embodiment, an AC-ROT associated with a sub-socket comprises a “Leaf” AC-ROT (or AC-ROT Leaf) that uses AC-ROT Root as an on-die certificate authority (OD-CA). Thus, a certificate chain derived for each AC-ROT associated with a sub-socket provides a unique identity for each AC-ROT Leaf since the Root is manufacturer certified. As used herein, a certificate authority is an entity that issues digital certificates that certify the ownership of a public key by a named subject of the certificate, which allows others (e.g., relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key.
FIGS. 4A and 4B illustrate another embodiment of a CPU 350. FIG. 4A illustrates CPU socket 350 prior to dynamic partitioning, while FIG. 4B illustrates CPU socket 350 after being partitioned into multiple sub-sockets. In one embodiment, each sub-socket is configured as a cluster of resources. As shown in FIG. 4B, a first sub-socket is configured as cluster 0 each that includes I/O 340A and compute/accelerator resources 410A, while a second sub-socket is configured as cluster 1 each that includes I/O 340B and compute/accelerator resources 410B. In a further embodiment, compute/accelerator resources 410 may represent tiles 352 shown in FIG. 3 .
CPU 350 also includes control unit 450 that is implemented to direct the operation of CPU 350. According to one embodiment, control unit 450 is implemented is configured to perform the dynamic partitioning of CPU socket 350 into multiple sub-sockets. In a further embodiment, control unit 450 assigns a unique identity to each of the multiple sub-sockets. In such an embodiment, control unit 450 assigns AC-ROT Root to one of the partitioned sub-sockets and generates an AC-ROT Leaf for each of the remaining sub-sockets. As used herein, dynamic partitioning is defined as an automatic combination and division of sub-sockets based on CPU workloads in which multiple sub-partitions may be combined while another sub-socket partition is fully active executing a workload. Although shown as a two sub-socket implementation, other embodiments may implement different quantities of sub-sockets.
FIG. 4B, shows cluster 0 as implementing an AC-ROT Leaf0, while cluster 1 comprises an AC-ROT Leaf1. In one embodiment, a Root is defined as an AC-ROT registered by a manufacturer as an authentic via a certification process, while a Leaf as the AC-ROT that does not have a directly allocated identity. In such an embodiment, control unit 450 uses the AC-ROT Root to generate an AC-ROT Leaf for each of the sub-sockets.
In a further embodiment, AC-ROT Leaf receives a device identifier (or Device ID) public key signed by the AC-ROT Root. As discussed above, AC-ROT Root operates as a certificate of authority. Thus, the resulting certificate chain thereby carries the identity of the manufacturer embedded in the Root AC-ROT. In yet a further embodiment, the platform ROT may independently verify the identify and measurements provided by multiple AC-ROTs as if each were separate physical sockets.
FIG. 5 illustrates one embodiment of a certificate authority view of an AC-ROT Root. As shown in FIG. 5 , AC-ROT Root operates as an on-die certificate authority to generate a certificate chain associated with an AC-ROT Leaf. In one embodiment, the certificate chain associated with an AC-ROT Leaf includes the Leaf identity (e.g., LEAF 1), an indication that the identified leaf has been cryptographically signed by the AC-ROT Root (e.g., LEAF 0 signed by “Root”) and the on-device device signature authority associated with the CPU manufacturer (e.g., IDENTITY).
FIG. 6 is a flow diagram illustrating one embodiment of a process for establishing a root of trust for sub-sockets of a partitioned CPU socket. At processing block 610, partitioning of the CPU socket is detected. As discussed above, the CPU socket may be dynamically partitioned into multiple sub-sockets based on CPU workloads. As mentioned above, each sub-socket operates as its own virtual cluster of resources that is used to execute separate workloads. At processing block 620, an AC-ROT Leaf is generated for each of the multiple sub-sockets for security verification. As discussed above, an AC-ROT Leaf is generated from a certificate chain using AC-ROT Root as a certificate authority. At processing block 630, each AC-ROT Leaf communicates with the platform ROT (e.g., security engine 240) for identity verification. As discussed above, the platform ROT independently verifies the identify and measurements provided by the AC-ROT Leafs as if each were separate physical sockets.
FIG. 7 is a schematic diagram of an illustrative electronic computing device to enable enhanced protection against adversarial attacks according to some embodiments. In some embodiments, the computing device 700 includes one or more processors 710 including one or more processors cores 718 and a TEE 764, the TEE including a machine learning service enclave (MLSE) 780. In some embodiments, the computing device 700 includes a hardware accelerator 768, the hardware accelerator including a cryptographic engine 782 and a machine learning model 784. In some embodiments, the computing device is to provide enhanced protections against ML adversarial attacks, as provided in FIGS. 1-6 .
The computing device 700 may additionally include one or more of the following: cache 762, a graphical processing unit (GPU) 712 (which may be the hardware accelerator in some implementations), a wireless input/output (I/O) interface 720, a wired I/O interface 730, memory circuitry 740, power management circuitry 750, non-transitory storage device 760, and a network interface 770 for connection to a network 772. The following discussion provides a brief, general description of the components forming the illustrative computing device 700. Example, non-limiting computing devices 700 may include a desktop computing device, blade server device, workstation, or similar device or system.
In embodiments, the processor cores 718 are capable of executing machine-readable instruction sets 714, reading data and/or instruction sets 714 from one or more storage devices 760 and writing data to the one or more storage devices 760. Those skilled in the relevant art will appreciate that the illustrated embodiments as well as other embodiments may be practiced with other processor-based device configurations, including portable electronic or handheld electronic devices, for instance smartphones, portable computers, wearable computers, consumer electronics, personal computers (“PCs”), network PCs, minicomputers, server blades, mainframe computers, and the like.
The processor cores 718 may include any number of hardwired or configurable circuits, some or all of which may include programmable and/or configurable combinations of electronic components, semiconductor devices, and/or logic elements that are disposed partially or wholly in a PC, server, or other computing system capable of executing processor-readable instructions.
The computing device 700 includes a bus or similar communications link 716 that communicably couples and facilitates the exchange of information and/or data between various system components including the processor cores 718, the cache 762, the graphics processor circuitry 712, one or more wireless I/O interfaces 720, one or more wired I/O interfaces 730, one or more storage devices 760, and/or one or more network interfaces 770. The computing device 700 may be referred to in the singular herein, but this is not intended to limit the embodiments to a single computing device 700, since in certain embodiments, there may be more than one computing device 700 that incorporates, includes, or contains any number of communicably coupled, collocated, or remote networked circuits or devices.
The processor cores 718 may include any number, type, or combination of currently available or future developed devices capable of executing machine-readable instruction sets.
The processor cores 718 may include (or be coupled to) but are not limited to any current or future developed single- or multi-core processor or microprocessor, such as: on or more systems on a chip (SOCs); central processing units (CPUs); digital signal processors (DSPs); graphics processing units (GPUs); application-specific integrated circuits (ASICs), programmable logic units, field programmable gate arrays (FPGAs), and the like. Unless described otherwise, the construction and operation of the various blocks shown in FIG. 7 are of conventional design. Consequently, such blocks need not be described in further detail herein, as they will be understood by those skilled in the relevant art. The bus 716 that interconnects at least some of the components of the computing device 700 may employ any currently available or future developed serial or parallel bus structures or architectures.
The system memory 740 may include read-only memory (“ROM”) 742 and random-access memory (“RAM”) 746. A portion of the ROM 742 may be used to store or otherwise retain a basic input/output system (“BIOS”) 744. The BIOS 744 provides basic functionality to the computing device 700, for example by causing the processor cores 718 to load and/or execute one or more machine-readable instruction sets 714. In embodiments, at least some of the one or more machine-readable instruction sets 714 cause at least a portion of the processor cores 718 to provide, create, produce, transition, and/or function as a dedicated, specific, and particular machine, for example a word processing machine, a digital image acquisition machine, a media playing machine, a gaming system, a communications device, a smartphone, or similar.
The computing device 700 may include at least one wireless input/output (I/O) interface 720. The at least one wireless I/O interface 720 may be communicably coupled to one or more physical output devices 722 (tactile devices, video displays, audio output devices, hardcopy output devices, etc.). The at least one wireless I/O interface 720 may communicably couple to one or more physical input devices 724 (pointing devices, touchscreens, keyboards, tactile devices, etc.). The at least one wireless I/O interface 720 may include any currently available or future developed wireless I/O interface. Example wireless I/O interfaces include, but are not limited to: BLUETOOTH®, near field communication (NFC), and similar.
The computing device 700 may include one or more wired input/output (I/O) interfaces 730. The at least one wired I/O interface 730 may be communicably coupled to one or more physical output devices 722 (tactile devices, video displays, audio output devices, hardcopy output devices, etc.). The at least one wired I/O interface 730 may be communicably coupled to one or more physical input devices 724 (pointing devices, touchscreens, keyboards, tactile devices, etc.). The wired I/O interface 730 may include any currently available or future developed I/O interface. Example wired I/O interfaces include but are not limited to: universal serial bus (USB), IEEE 1394 (“FireWire”), and similar.
The computing device 700 may include one or more communicably coupled, non-transitory, data storage devices 760. The data storage devices 760 may include one or more hard disk drives (HDDs) and/or one or more solid-state storage devices (SSDs). The one or more data storage devices 760 may include any current or future developed storage appliances, network storage devices, and/or systems. Non-limiting examples of such data storage devices 760 may include, but are not limited to, any current or future developed non-transitory storage appliances or devices, such as one or more magnetic storage devices, one or more optical storage devices, one or more electro-resistive storage devices, one or more molecular storage devices, one or more quantum storage devices, or various combinations thereof. In some implementations, the one or more data storage devices 760 may include one or more removable storage devices, such as one or more flash drives, flash memories, flash storage units, or similar appliances or devices capable of communicable coupling to and decoupling from the computing device 700.
The one or more data storage devices 760 may include interfaces or controllers (not shown) communicatively coupling the respective storage device or system to the bus 716. The one or more data storage devices 760 may store, retain, or otherwise contain machine-readable instruction sets, data structures, program modules, data stores, databases, logical structures, and/or other data useful to the processor cores 718 and/or graphics processor circuitry 712 and/or one or more applications executed on or by the processor cores 718 and/or graphics processor circuitry 712. In some instances, one or more data storage devices 760 may be communicably coupled to the processor cores 718, for example via the bus 716 or via one or more wired communications interfaces 730 (e.g., Universal Serial Bus or USB); one or more wireless communications interfaces 720 (e.g., Bluetooth®, Near Field Communication or NFC); and/or one or more network interfaces 770 (IEEE 802.3 or Ethernet, IEEE 802.11, or Wi-Fi®, etc.).
Processor-readable instruction sets 714 and other programs, applications, logic sets, and/or modules may be stored in whole or in part in the system memory 740. Such instruction sets 714 may be transferred, in whole or in part, from the one or more data storage devices 760. The instruction sets 714 may be loaded, stored, or otherwise retained in system memory 740, in whole or in part, during execution by the processor cores 718 and/or graphics processor circuitry 712.
The computing device 700 may include power management circuitry 750 that controls one or more operational aspects of the energy storage device 752. In embodiments, the energy storage device 752 may include one or more primary (i.e., non-rechargeable) or secondary (i.e., rechargeable) batteries or similar energy storage devices. In embodiments, the energy storage device 752 may include one or more supercapacitors or ultracapacitors. In embodiments, the power management circuitry 750 may alter, adjust, or control the flow of energy from an external power source 754 to the energy storage device 752 and/or to the computing device 700. The power source 754 may include, but is not limited to, a solar power system, a commercial electric grid, a portable generator, an external energy storage device, or any combination thereof.
For convenience, the processor cores 718, the graphics processor circuitry 712, the wireless I/O interface 720, the wired I/O interface 730, the storage device 760, and the network interface 770 are illustrated as communicatively coupled to each other via the bus 716, thereby providing connectivity between the above-described components. In alternative embodiments, the above-described components may be communicatively coupled in a different manner than illustrated in FIG. 7 . For example, one or more of the above-described components may be directly coupled to other components, or may be coupled to each other, via one or more intermediary components (not shown). In another example, one or more of the above-described components may be integrated into the processor cores 718 and/or the graphics processor circuitry 712. In some embodiments, all or a portion of the bus 716 may be omitted and the components are coupled directly to each other using suitable wired or wireless connections.
Embodiments may be provided, for example, as a computer program product which may include one or more transitory or non-transitory machine-readable storage media having stored thereon machine-executable instructions that, when executed by one or more machines such as a computer, network of computers, or other electronic devices, may result in the one or more machines carrying out operations in accordance with embodiments described herein. A machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs (Compact Disc-Read Only Memories), and magneto-optical disks, ROMs, RAMs, EPROMs (Erasable Programmable Read Only Memories), EEPROMs (Electrically Erasable Programmable Read Only Memories), magnetic or optical cards, flash memory, or other type of media/machine-readable medium suitable for storing machine-executable instructions.
Some embodiments pertain to Example 1 that includes a computer platform comprising a central processing unit (CPU) including at least one socket having a plurality of tiles and control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.
Example 2 includes the subject matter of Example 1, wherein assigning the unique identity to each of the plurality of sub-sockets comprises generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets and generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
Example 3 includes the subject matter of Examples 1 and 2, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
Example 4 includes the subject matter of Examples 1-3, wherein the AC-ROT Root comprises the CPU AC-ROT.
Example 5 includes the subject matter of Examples 1-4, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
Example 6 includes the subject matter of Examples 1-5, wherein the certificate chain comprises a leaf identity, an indication that the identified leaf has been cryptographically signed by the AC-ROT Root and an on-device device signature authority associated with a manufacturer of the CPU.
Example 7 includes the subject matter of Examples 1-6, wherein the AC-ROT Leaf receives a device identifier public key signed by the AC-ROT Root.
Example 8 includes the subject matter of Examples 1-7, wherein the platform further comprises a security engine to operate is a root of trust for the platform.
Example 9 includes the subject matter of Examples 1-8, wherein the security engine verifies the identity of the first sub-socket via the first AC-ROT Leaf and verifies the identity of the second sub-socket via the second AC-ROT Leaf.
Some embodiments pertain to Example 10 that includes a method comprising detecting a partitioning of a central processing unit (CPU) socket having a plurality of tiles into plurality of plurality of sub-sockets and assigning a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.
Example 11 includes the subject matter of Example 10, wherein assigning the unique identity to each of the plurality of sub-sockets comprises generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets and generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
Example 12 includes the subject matter of Examples 10 and 11, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
Example 13 includes the subject matter of Examples 10-12, wherein the AC-ROT Root comprises a CPU AC-ROT associated with the CPU.
Example 14 includes the subject matter of Examples 10-13, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
Example 15 includes the subject matter of Examples 10-14, further comprising verifying the identity of the first sub-socket via the first AC-ROT Leaf at a platform root of trust and verifying the identity of the second sub-socket via the second AC-ROT Leaf at the platform root of trust.
Some embodiments pertain to Example 16 that includes a system on chip (SOC) comprising a central processing unit (CPU) including at least one socket having a plurality of tiles and control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources and a security engine to verify the identity of the plurality of sub-sockets.
Example 17 includes the subject matter of Example 16, wherein assigning the unique identity to each of the plurality of sub-sockets comprises generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets and generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
Example 18 includes the subject matter of Examples 16 and 17, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
Example 19 includes the subject matter of Examples 16-18, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
Example 20 includes the subject matter of Examples 16-19, wherein the security engine verifies the identity of the first sub-socket via the first AC-ROT Leaf and verifies the identity of the second sub-socket via the second AC-ROT Leaf.
The embodiment has been described above with reference to specific embodiments. Persons skilled in the art, however, will understand that various modifications and changes may be made thereto without departing from the broader spirit and scope of the embodiment as set forth in the appended claims. The foregoing description and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.

Claims (20)

What is claimed is:
1. A computer platform comprising:
a central processing unit (CPU) including:
at least one socket having a plurality of tiles; and
control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.
2. The computer platform of claim 1, wherein assigning the unique identity to each of the plurality of sub-sockets comprises generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets and generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
3. The computer platform of claim 2, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
4. The computer platform of claim 3, wherein the AC-ROT Root comprises an AC-ROT associated with the CPU.
5. The computer platform of claim 4, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
6. The computer platform of claim 5, wherein the certificate chain comprises a leaf identity, an indication that an identified Leaf has been cryptographically signed by the AC-ROT Root and an on-device device signature authority associated with a manufacturer of the CPU.
7. The computer platform of claim 6, wherein the AC-ROT Leaf receives a device identifier public key signed by the AC-ROT Root.
8. The computer platform of claim 7, wherein the platform further comprises a security engine to operate is a root of trust for the platform.
9. The computer platform of claim 8, wherein the security engine verifies the identity of the first sub-socket via the first AC-ROT Leaf and verifies the identity of the second sub-socket via the second AC-ROT Leaf.
10. A method comprising:
detecting a partitioning of a central processing unit (CPU) socket having a plurality of tiles into plurality of plurality of sub-sockets; and
assigning a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.
11. The method of claim 10, wherein assigning the unique identity to each of the plurality of sub-sockets comprises:
generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets; and
generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
12. The method of claim 11, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
13. The method of claim 12, wherein the AC-ROT Root comprises a CPU AC-ROT associated with the CPU.
14. The method of claim 13, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
15. The method of claim 13, further comprising:
verifying the identity of the first sub-socket via the first AC-ROT Leaf at a platform root of trust; and
verifying the identity of the second sub-socket via the second AC-ROT Leaf at the platform root of trust.
16. A system on chip (SOC) comprising:
a central processing unit (CPU) including:
at least one socket having a plurality of tiles; and
control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources; and
a security engine to verify the identity of the plurality of sub-sockets.
17. The SOC of claim 16, wherein assigning the unique identity to each of the plurality of sub-sockets comprises generating a first active component root of trust (AC-ROT) Leaf associated with a first of the plurality of sub-sockets and generating a second active component AC-ROT Leaf associated with a second of the plurality of sub-sockets.
18. The SOC of claim 17, wherein the first AC-ROT Leaf and the second AC-ROT Leaf are generated using an AC-ROT Root.
19. The SOC of claim 18, wherein the AC-ROT Root operates as a certificate of authority to generate a first certificate chain associated with the first AC-ROT Leaf and a second certificate chain associated with the second AC-ROT Leaf.
20. The SOC of claim 19, wherein the security engine verifies the identity of the first sub-socket via the first AC-ROT Leaf and verifies the identity of the second sub-socket via the second AC-ROT Leaf.
US17/355,378 2021-06-23 2021-06-23 Partitioned platform security mechanism Active 2041-12-18 US11693940B2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US17/355,378 US11693940B2 (en) 2021-06-23 2021-06-23 Partitioned platform security mechanism
TW111108416A TW202301166A (en) 2021-06-23 2022-03-08 Partitioned platform security mechanism
PCT/US2022/019779 WO2022271220A1 (en) 2021-06-23 2022-03-10 Partitioned platform security mechanism
US18/296,679 US20230244772A1 (en) 2021-06-23 2023-04-06 Partitioned platform security mechanism

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US17/355,378 US11693940B2 (en) 2021-06-23 2021-06-23 Partitioned platform security mechanism

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US18/296,679 Continuation US20230244772A1 (en) 2021-06-23 2023-04-06 Partitioned platform security mechanism

Publications (2)

Publication Number Publication Date
US20210319088A1 US20210319088A1 (en) 2021-10-14
US11693940B2 true US11693940B2 (en) 2023-07-04

Family

ID=78006943

Family Applications (2)

Application Number Title Priority Date Filing Date
US17/355,378 Active 2041-12-18 US11693940B2 (en) 2021-06-23 2021-06-23 Partitioned platform security mechanism
US18/296,679 Pending US20230244772A1 (en) 2021-06-23 2023-04-06 Partitioned platform security mechanism

Family Applications After (1)

Application Number Title Priority Date Filing Date
US18/296,679 Pending US20230244772A1 (en) 2021-06-23 2023-04-06 Partitioned platform security mechanism

Country Status (3)

Country Link
US (2) US11693940B2 (en)
TW (1) TW202301166A (en)
WO (1) WO2022271220A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11693940B2 (en) 2021-06-23 2023-07-04 Intel Corporation Partitioned platform security mechanism

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090164739A1 (en) * 2007-12-20 2009-06-25 Ajay Harikumar Method,system and apparatus for handling events for partitions in a socket with sub-socket partitioning
WO2011000748A2 (en) 2009-07-01 2011-01-06 International Business Machines Corporation Resource allocation in virtualized environments
WO2020000354A1 (en) 2018-06-29 2020-01-02 Intel Corporation Cpu hot-swapping
US20210319088A1 (en) 2021-06-23 2021-10-14 Intel Corporation Partitioned platform security mechanism
US11409771B1 (en) * 2020-03-26 2022-08-09 Amazon Technologies, Inc. Splitting partitions across clusters in a time-series database
US20220342822A1 (en) * 2019-06-20 2022-10-27 Telefonaktiebolaget Lm Ericsson (Publ) Network entities and methods performed therein for handling cache coherency

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7698552B2 (en) * 2004-06-03 2010-04-13 Intel Corporation Launching a secure kernel in a multiprocessor system
GB2519115A (en) * 2013-10-10 2015-04-15 Ibm Providing isolated entropy elements

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090164739A1 (en) * 2007-12-20 2009-06-25 Ajay Harikumar Method,system and apparatus for handling events for partitions in a socket with sub-socket partitioning
WO2011000748A2 (en) 2009-07-01 2011-01-06 International Business Machines Corporation Resource allocation in virtualized environments
WO2020000354A1 (en) 2018-06-29 2020-01-02 Intel Corporation Cpu hot-swapping
US20220342822A1 (en) * 2019-06-20 2022-10-27 Telefonaktiebolaget Lm Ericsson (Publ) Network entities and methods performed therein for handling cache coherency
US11409771B1 (en) * 2020-03-26 2022-08-09 Amazon Technologies, Inc. Splitting partitions across clusters in a time-series database
US20210319088A1 (en) 2021-06-23 2021-10-14 Intel Corporation Partitioned platform security mechanism
WO2022271220A1 (en) 2021-06-23 2022-12-29 Intel Corporation Partitioned platform security mechanism
TW202301166A (en) 2021-06-23 2023-01-01 美商英特爾公司 Partitioned platform security mechanism

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
International Search Report and Written Opinion for PCT/US22/19779 dated Jun. 28, 2022, 9 pages.

Also Published As

Publication number Publication date
TW202301166A (en) 2023-01-01
US20210319088A1 (en) 2021-10-14
US20230244772A1 (en) 2023-08-03
WO2022271220A1 (en) 2022-12-29

Similar Documents

Publication Publication Date Title
US20190065786A1 (en) System and Method for Enabling and Disabling of Baseboard Management Controller Configuration Lockdown
US11928215B2 (en) Firmware verification mechanism
US20230244772A1 (en) Partitioned platform security mechanism
US11494523B2 (en) Direct memory access mechanism
US11886316B2 (en) Platform measurement collection mechanism
EP4195079A1 (en) Hardware integrity verification mechanism
US20210110043A1 (en) Platform firmware boot mechanism
US11429289B2 (en) Memory map protection mechanism
US20220004635A1 (en) Computing peripheral interface management mechanism
US11940944B2 (en) Fuse recipe update mechanism
US11741227B2 (en) Platform security mechanism
US20210312045A1 (en) Integrated circuit side-channel mitigation mechanism
US11861009B2 (en) Mechanism to update attested firmware on a platform
US11429496B2 (en) Platform data resiliency mechanism
US20220092196A1 (en) Mechanism for secure library sharing
US11568048B2 (en) Firmware descriptor resiliency mechanism
US20220004398A1 (en) Integrated circuit package reconfiguration mechanism
EP4194860A1 (en) Clock frequency ratio monitor
US20220103557A1 (en) Mechanism for managing services to network endpoint devices
US20220103358A1 (en) Cloud key access mechanism

Legal Events

Date Code Title Description
FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

AS Assignment

Owner name: INTEL CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:PILLILLI, BHARAT;PALMER, DAVID W.;RADOVANOVIC, NIKOLA;SIGNING DATES FROM 20210624 TO 20220715;REEL/FRAME:060534/0476

STCF Information on status: patent grant

Free format text: PATENTED CASE